d67a1767c47bb22e9ce2ed0c1e753ea1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d67a1767c47bb22e9ce2ed0c1e753ea1_JaffaCakes118
Size

864KB
MD5

d67a1767c47bb22e9ce2ed0c1e753ea1
SHA1

a33482b8199f56c66c5a478bbdd335bc3182f5e2
SHA256

505d2ad47a0b0b946de298881f375dcc4e1545018860517a46a5885941a31df0
SHA512

bf2f860308b03317a62219dff91327a383a9de174fac3bf54d5a90371a05498862b41a2de56f0b58526ca654e506e8232b539394520b9175422650361f6cbc21
SSDEEP

24576:LzSpaQwzEKiBqjDwwwdglZFY5+83/KqnghiB:vdtX3jJwdgjFDk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d67a1767c47bb22e9ce2ed0c1e753ea1_JaffaCakes118

Files

d67a1767c47bb22e9ce2ed0c1e753ea1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

712998201552055f114e12929aa51139

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

DeregisterEventSource
AddAce
GetSidSubAuthority
CopySid
CryptContextAddRef
CryptHashSessionKey
FindFirstFreeAce
BackupEventLogA
AccessCheck
IsTextUnicode
GetAclInformation
CryptGetKeyParam
RegOpenKeyA
CryptSignHashA
BuildSecurityDescriptorA
ChangeServiceConfigA
RegDeleteValueA
EnumDependentServicesA
GetSecurityDescriptorOwner
AllocateAndInitializeSid
GetTrusteeTypeA
CryptEncrypt
GetMultipleTrusteeA
CryptSetKeyParam
GetExplicitEntriesFromAclA
QueryServiceObjectSecurity
PrivilegeCheck
RegConnectRegistryA
RegSaveKeyA
RegFlushKey
RevertToSelf
RegUnLoadKeyA
RegQueryValueA
ControlService
GetSecurityDescriptorControl

user32

DestroyMenu
GetMenuState
SendIMEMessageExA
MonitorFromPoint
ChildWindowFromPointEx
EnumClipboardFormats
LoadIconA
IsMenu
EndMenu
DispatchMessageA
GetLastActivePopup
CascadeWindows
DrawFrame
LoadAcceleratorsA
EnumDisplayMonitors
TileWindows
AlignRects
TranslateAccelerator
MessageBoxA
InsertMenuItemA
GetTopWindow
CharNextExA
SetSysColors
UnhookWinEvent
DdeClientTransaction
LookupIconIdFromDirectory
DefMDIChildProcA
SetWindowRgn
GetClassInfoA
GetKeyboardLayoutList
GetShellWindow
wvsprintfA
SetKeyboardState
GetUserObjectSecurity
GetDoubleClickTime
LoadMenuIndirectA
RemovePropA
VkKeyScanA
GetKBCodePage
ShowWindowAsync
CharToOemBuffA
DlgDirSelectExA
DdeQueryStringA
ArrangeIconicWindows
ChangeMenuA
SwitchToThisWindow
SetDoubleClickTime
DdeEnableCallback
GetWindowInfo
GetComboBoxInfo
OpenDesktopA
GetMenuItemCount
IsCharLowerA
FindWindowExA
GetAsyncKeyState

kernel32

WriteProcessMemory

Sections

.gnspy
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mpaxo
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lwne
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xcv
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xgj
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wbs
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bwvor
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gteps
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.inmj
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

712998201552055f114e12929aa51139

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.gnspy Size: 638KB - Virtual size: 1.3MB

.mpaxo Size: 6KB - Virtual size: 8KB

.lwne Size: 19KB - Virtual size: 27KB

.xcv Size: 512B - Virtual size: 21KB

.xgj Size: 6KB - Virtual size: 15KB

.wbs Size: 512B - Virtual size: 56B

.bwvor Size: 512B - Virtual size: 24B

.gteps Size: 49KB - Virtual size: 77KB

.inmj Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.gnspy
Size: 638KB - Virtual size: 1.3MB

.mpaxo
Size: 6KB - Virtual size: 8KB

.lwne
Size: 19KB - Virtual size: 27KB

.xcv
Size: 512B - Virtual size: 21KB

.xgj
Size: 6KB - Virtual size: 15KB

.wbs
Size: 512B - Virtual size: 56B

.bwvor
Size: 512B - Virtual size: 24B

.gteps
Size: 49KB - Virtual size: 77KB

.inmj
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB